CNNVD-202510-3594 Information

CNNVD ID

CNNVD-202510-3594

Related CVE

CVE-2025-12260

• CNNVD Published: 2025-10-27

Description (Chinese)

TOTOLINK A3300R是中国吉翁电子（TOTOLINK）公司的一款无线路由器。 TOTOLINK A3300R 17.0.0cu.557_B20221024版本存在安全漏洞，该漏洞源于对文件/cgi-bin/cstecgi.cgi中参数enable的错误操作，可能导致栈缓冲区溢出。

Description (English)

TOTOLINK A3300R is a wireless router of the Chinese company TOTOLINK. A 17.0.0cu.557 B20221024 contains a security loophole, which stems from an error in the enable parameter in document/cgi-bin/cstecgi.cgi, which may result in a spilling out of the silo buffer zone.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

吉翁电子

Published

2025-10-27

Last Modified

2026-02-24

References

https://github.com/noahze01/IoT-vulnerable/blob/main/TOTOLink/A3300R/setSyslogCfg.md https://vuldb.com/?ctiid.329931 https://vuldb.com/?id.329931 https://vuldb.com/?submit.673727 https://www.totolink.net/

Patch

https://www.totolink.net/home/menu/detail/menu_listtpl/download/id/241/ids/36.html